The Cmd_shell component in SQL Server is powerful and can be used to implement all of the features of the Windows system, so this component is also the biggest security risk for SQL Server. This component is turned on by default in SQL Server 2000, and this component in SQL Server 2005 is closed as part of this server security configuration by default. Sometimes we need to use this component, and the relevant statements to open this component are as follows:
Copy Code code as follows:
--to allow advanced options to be changed.
EXEC sp_configure ' show advanced options ', 1
Go
--to update the currently configured value for advanced options.
Reconfigure
Go-to enable the feature.
EXEC sp_configure ' xp_cmdshell ', 1
Go
--to update the currently configured value for this feature.
Reconfigure
Go
To ensure the security of the database server, it is recommended that the component be closed after use, and the relevant statements for closing the component are as follows:
Copy Code code as follows:
--to allow advanced options to be changed.
EXEC sp_configure ' show advanced options ', 1
Go
--to update the currently configured value for advanced options.
Reconfigure
Go-to enable the feature.
EXEC sp_configure ' xp_cmdshell ', 0
Go
--to update the currently configured value for this feature.
Reconfigure
Go